ProtectionDomainpublic class ProtectionDomain extends Object
This ProtectionDomain class encapsulates the characteristics of a domain,
which encloses a set of classes whose instances are granted a set
of permissions when being executed on behalf of a given set of Principals.
A static set of permissions can be bound to a ProtectionDomain when it is
constructed; such permissions are granted to the domain regardless of the
Policy in force. However, to support dynamic security policies, a
ProtectionDomain can also be constructed such that it is dynamically
mapped to a set of permissions by the current Policy whenever a permission
is checked.
|
Fields Summary |
---|
private CodeSource | codesource | private ClassLoader | classloader | private Principal[] | principals | private PermissionCollection | permissions | private boolean | staticPermissions | private static final Debug | debug |
Constructors Summary |
---|
public ProtectionDomain(CodeSource codesource, PermissionCollection permissions)Creates a new ProtectionDomain with the given CodeSource and
Permissions. If the permissions object is not null, then
setReadOnly()) will be called on the passed in
Permissions object. The only permissions granted to this domain
are the ones specified; the current Policy will not be consulted.
this.codesource = codesource;
if (permissions != null) {
this.permissions = permissions;
this.permissions.setReadOnly();
}
this.classloader = null;
this.principals = new Principal[0];
staticPermissions = true;
| public ProtectionDomain(CodeSource codesource, PermissionCollection permissions, ClassLoader classloader, Principal[] principals)Creates a new ProtectionDomain qualified by the given CodeSource,
Permissions, ClassLoader and array of Principals. If the
permissions object is not null, then setReadOnly()
will be called on the passed in Permissions object.
The permissions granted to this domain are dynamic; they include
both the static permissions passed to this constructor, and any
permissions granted to this domain by the current Policy at the
time a permission is checked.
This constructor is typically used by
{@link SecureClassLoader ClassLoaders}
and {@link DomainCombiner DomainCombiners} which delegate to
Policy to actively associate the permissions granted to
this domain. This constructor affords the
Policy provider the opportunity to augment the supplied
PermissionCollection to reflect policy changes.
this.codesource = codesource;
if (permissions != null) {
this.permissions = permissions;
this.permissions.setReadOnly();
}
this.classloader = classloader;
this.principals = (principals != null ?
(Principal[])principals.clone():
new Principal[0]);
staticPermissions = false;
|
Methods Summary |
---|
public final java.lang.ClassLoader | getClassLoader()Returns the ClassLoader of this domain.
return this.classloader;
| public final java.security.CodeSource | getCodeSource()Returns the CodeSource of this domain.
return this.codesource;
| public final java.security.PermissionCollection | getPermissions()Returns the static permissions granted to this domain.
return permissions;
| public final java.security.Principal[] | getPrincipals()Returns an array of principals for this domain.
return (Principal[])this.principals.clone();
| public boolean | implies(java.security.Permission permission)Check and see if this ProtectionDomain implies the permissions
expressed in the Permission object.
The set of permissions evaluated is a function of whether the
ProtectionDomain was constructed with a static set of permissions
or it was bound to a dynamically mapped set of permissions.
If the ProtectionDomain was constructed to a
{@link #ProtectionDomain(CodeSource, PermissionCollection)
statically bound} PermissionCollection then the permission will
only be checked against the PermissionCollection supplied at
construction.
However, if the ProtectionDomain was constructed with
the constructor variant which supports
{@link #ProtectionDomain(CodeSource, PermissionCollection,
ClassLoader, java.security.Principal[]) dynamically binding}
permissions, then the permission will be checked against the
combination of the PermissionCollection supplied at construction and
the current Policy binding.
if (!staticPermissions &&
Policy.getPolicyNoCheck().implies(this, permission))
return true;
if (permissions != null)
return permissions.implies(permission);
return false;
| private java.security.PermissionCollection | mergePermissions()
if (staticPermissions)
return permissions;
PermissionCollection perms = (PermissionCollection)
java.security.AccessController.doPrivileged
(new java.security.PrivilegedAction() {
public Object run() {
Policy p = Policy.getPolicyNoCheck();
return p.getPermissions(ProtectionDomain.this);
}
});
Permissions mergedPerms = new Permissions();
int swag = 32;
int vcap = 8;
Enumeration e;
List pdVector = new ArrayList(vcap);
List plVector = new ArrayList(swag);
//
// Build a vector of domain permissions for subsequent merge
if (permissions != null) {
synchronized (permissions) {
e = permissions.elements();
while (e.hasMoreElements()) {
Permission p = (Permission)e.nextElement();
pdVector.add(p);
}
}
}
//
// Build a vector of Policy permissions for subsequent merge
if (perms != null) {
synchronized (perms) {
e = perms.elements();
while (e.hasMoreElements()) {
plVector.add(e.nextElement());
vcap++;
}
}
}
if (perms != null && permissions != null) {
//
// Weed out the duplicates from the policy. Unless a refresh
// has occured since the pd was consed this should result in
// an empty vector.
synchronized (permissions) {
e = permissions.elements(); // domain vs policy
while (e.hasMoreElements()) {
Permission pdp = (Permission)e.nextElement();
Class pdpClass = pdp.getClass();
String pdpActions = pdp.getActions();
String pdpName = pdp.getName();
for (int i = 0; i < plVector.size(); i++) {
Permission pp = (Permission) plVector.get(i);
if (pdpClass.isInstance(pp)) {
// The equals() method on some permissions
// have some side effects so this manual
// comparison is sufficient.
if (pdpName.equals(pp.getName()) &&
pdpActions.equals(pp.getActions())) {
plVector.remove(i);
break;
}
}
}
}
}
}
if (perms !=null) {
// the order of adding to merged perms and permissions
// needs to preserve the bugfix 4301064
for (int i = plVector.size()-1; i >= 0; i--) {
mergedPerms.add((Permission)plVector.get(i));
}
}
if (permissions != null) {
for (int i = pdVector.size()-1; i >= 0; i--) {
mergedPerms.add((Permission)pdVector.get(i));
}
}
return mergedPerms;
| private static boolean | seeAllp()Return true (merge policy permissions) in the following cases:
. SecurityManager is null
. SecurityManager is not null,
debug is not null,
SecurityManager impelmentation is in bootclasspath,
Policy implementation is in bootclasspath
(the bootclasspath restrictions avoid recursion)
. SecurityManager is not null,
debug is null,
caller has Policy.getPolicy permission
SecurityManager sm = System.getSecurityManager();
if (sm == null) {
return true;
} else {
if (debug != null) {
if (sm.getClass().getClassLoader() == null &&
Policy.getPolicyNoCheck().getClass().getClassLoader()
== null) {
return true;
}
} else {
try {
sm.checkPermission(SecurityConstants.GET_POLICY_PERMISSION);
return true;
} catch (SecurityException se) {
// fall thru and return false
}
}
}
return false;
| public java.lang.String | toString()Convert a ProtectionDomain to a String.
String pals = "<no principals>";
if (principals != null && principals.length > 0) {
StringBuilder palBuf = new StringBuilder("(principals ");
for (int i = 0; i < principals.length; i++) {
palBuf.append(principals[i].getClass().getName() +
" \"" + principals[i].getName() +
"\"");
if (i < principals.length-1)
palBuf.append(",\n");
else
palBuf.append(")\n");
}
pals = palBuf.toString();
}
// Check if policy is set; we don't want to load
// the policy prematurely here
PermissionCollection pc = Policy.isSet() && seeAllp() ?
mergePermissions():
getPermissions();
return "ProtectionDomain "+
" "+codesource+"\n"+
" "+classloader+"\n"+
" "+pals+"\n"+
" "+pc+"\n";
|
|